Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) — Vulnerability Class 21551

21551 vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2025-1230 Cross-Site Scripting (XSS) vulnerability in Prestashop — Prestashop 4.8 Medium2025-02-12
CVE-2025-1190 code-projects Job Recruitment load_user-profile.php cross site scripting — Job Recruitment 3.5 Low2025-02-12
CVE-2024-13459 FuseDesk <= 6.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — FuseDesk 6.4 Medium2025-02-12
CVE-2024-13456 Easy Quiz Maker <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — Easy Quiz Maker 6.4 Medium2025-02-12
CVE-2025-0506 Rise Blocks – A Complete Gutenberg Page Builder <= 3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via TitleTag Parameter — Rise Blocks – A Complete Gutenberg Page Builder 6.4 Medium2025-02-12
CVE-2023-49780 Extra Innovation acmailer CGI 跨站脚本漏洞 — acmailer CGI 6.1 -2025-02-12
CVE-2024-13665 Admire Extra <= 1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Admire Extra 6.4 Medium2025-02-12
CVE-2024-13658 NGG Smart Image Search <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — NGG Smart Image Search 6.4 Medium2025-02-12
CVE-2024-11746 Discover the Best Woocommerce Product Brands Plugin for WordPress – Woocommerce Brands Plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — GS Brands for WooCommerce 6.4 Medium2025-02-12
CVE-2024-13701 Liveticker (by stklcode) <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting — Liveticker (by stklcode) 6.4 Medium2025-02-12
CVE-2024-13749 StaffList <= 3.2.3 - Cross-Site Request Forgery to Reflected Cross-Site Scripting — StaffList 6.1 Medium2025-02-12
CVE-2024-54160 OpenSearch Dashboards Reports 安全漏洞 — OpenSearch 6.4 Medium2025-02-12
CVE-2025-25203 Ctrlpanel has stored XSS vulnerability in TicketsController priority field — panel 8.1 High2025-02-11
CVE-2024-12833 Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability — PRTG Network Monitor 8.0 -2025-02-11
CVE-2025-24414 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24415 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24416 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24413 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24438 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24417 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24412 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2025-24428 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 5.4 Medium2025-02-11
CVE-2025-24410 Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) — Adobe Commerce 8.7 High2025-02-11
CVE-2024-12755 Avaya Spaces XSS Vulnerability — Avaya Spaces 7.9 High2025-02-11
CVE-2024-27780 Fortinet FortiSIEM 跨站脚本漏洞 — FortiSIEM 2.2 Low2025-02-11
CVE-2024-27781 Fortinet FortiSandbox 跨站脚本漏洞 — FortiSandbox 6.9 High2025-02-11
CVE-2024-13830 Ivanti Connect Secure 跨站脚本漏洞 — Connect Secure 6.1 Medium2025-02-11
CVE-2025-26493 JetBrains TeamCity 跨站脚本漏洞 — TeamCity 4.6 Medium2025-02-11
CVE-2024-13506 GeoDirectory – WP Business Directory Plugin and Classified Listings Directory <= 2.8.97 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Display_name Parameter — GeoDirectory – WP Business Directory Plugin and Classified Listings Directory 6.4 Medium2025-02-11
CVE-2025-0862 SuperSaaS – online appointment scheduling <= 2.1.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via after Parameter — SuperSaaS – online appointment scheduling 4.9 Medium2025-02-11

Vulnerabilities classified as CWE-79 (在Web页面生成时对输入的转义处理不恰当(跨站脚本)) represent 21551 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.